mirror of
https://github.com/maybe-finance/maybe.git
synced 2025-07-23 07:09:39 +02:00
Impersonation (#1325)
* Initial impersonation * Impersonation audit * Keep super admin separate * Remove vscode settings * Comment cleanup * Comment out impersonation fixtures for now * Remove unused controlelr * Add impersonation testing (#1326) * Add impersonation testing * Remove unused method * Update schema.rb * Update brakeman --------- Co-authored-by: Zach Gollwitzer <zach@maybe.co>
This commit is contained in:
Josh Pigford
GitHub
parent
4a3685f503
commit
c7c281073f
29 changed files with 477 additions and 16 deletions
112
test/controllers/impersonation_sessions_controller_test.rb
Normal file
112
test/controllers/impersonation_sessions_controller_test.rb
Normal file
|
|
@ -0,0 +1,112 @@
|
|||
require "test_helper"
|
||||
|
||||
class ImpersonationSessionsControllerTest < ActionDispatch::IntegrationTest
|
||||
test "impersonation session logs all activity for auditing" do
|
||||
sign_in impersonator = users(:maybe_support_staff)
|
||||
impersonated = users(:family_member)
|
||||
|
||||
impersonator_session = impersonation_sessions(:in_progress)
|
||||
|
||||
post join_impersonation_sessions_path, params: { impersonation_session_id: impersonator_session.id }
|
||||
|
||||
assert_difference "impersonator_session.logs.count", 2 do
|
||||
get root_path
|
||||
get account_path(impersonated.family.accounts.first)
|
||||
end
|
||||
end
|
||||
|
||||
test "super admin can request an impersonation session" do
|
||||
sign_in users(:maybe_support_staff)
|
||||
|
||||
post impersonation_sessions_path, params: { impersonation_session: { impersonated_id: users(:family_member).id } }
|
||||
|
||||
assert_equal "Request sent to user. Waiting for approval.", flash[:notice]
|
||||
assert_redirected_to root_path
|
||||
end
|
||||
|
||||
test "super admin can join and leave an in progress impersonation session" do
|
||||
sign_in super_admin = users(:maybe_support_staff)
|
||||
|
||||
impersonator_session = impersonation_sessions(:in_progress)
|
||||
|
||||
super_admin_session = super_admin.sessions.order(created_at: :desc).first
|
||||
|
||||
assert_nil super_admin_session.active_impersonator_session
|
||||
|
||||
# Joining the session
|
||||
post join_impersonation_sessions_path, params: { impersonation_session_id: impersonator_session.id }
|
||||
assert_equal impersonator_session, super_admin_session.reload.active_impersonator_session
|
||||
assert_equal "Joined session", flash[:notice]
|
||||
assert_redirected_to root_path
|
||||
|
||||
follow_redirect!
|
||||
|
||||
# Leaving the session
|
||||
delete leave_impersonation_sessions_path
|
||||
assert_nil super_admin_session.reload.active_impersonator_session
|
||||
assert_equal "Left session", flash[:notice]
|
||||
assert_redirected_to root_path
|
||||
|
||||
# Impersonation session still in progress because nobody has ended it yet
|
||||
assert_equal "in_progress", impersonator_session.reload.status
|
||||
end
|
||||
|
||||
test "super admin can complete an impersonation session" do
|
||||
sign_in super_admin = users(:maybe_support_staff)
|
||||
|
||||
impersonator_session = impersonation_sessions(:in_progress)
|
||||
|
||||
put complete_impersonation_session_path(impersonator_session)
|
||||
|
||||
assert_equal "Session completed", flash[:notice]
|
||||
assert_nil super_admin.sessions.order(created_at: :desc).first.active_impersonator_session
|
||||
assert_equal "complete", impersonator_session.reload.status
|
||||
assert_redirected_to root_path
|
||||
end
|
||||
|
||||
test "regular user can complete an impersonation session" do
|
||||
sign_in regular_user = users(:family_member)
|
||||
|
||||
impersonator_session = impersonation_sessions(:in_progress)
|
||||
|
||||
put complete_impersonation_session_path(impersonator_session)
|
||||
|
||||
assert_equal "Session completed", flash[:notice]
|
||||
assert_equal "complete", impersonator_session.reload.status
|
||||
assert_redirected_to root_path
|
||||
end
|
||||
|
||||
test "super admin cannot accept an impersonation session" do
|
||||
sign_in super_admin = users(:maybe_support_staff)
|
||||
|
||||
impersonator_session = impersonation_sessions(:in_progress)
|
||||
|
||||
put approve_impersonation_session_path(impersonator_session)
|
||||
|
||||
assert_response :not_found
|
||||
end
|
||||
|
||||
test "regular user can accept an impersonation session" do
|
||||
sign_in regular_user = users(:family_member)
|
||||
|
||||
impersonator_session = impersonation_sessions(:in_progress)
|
||||
|
||||
put approve_impersonation_session_path(impersonator_session)
|
||||
|
||||
assert_equal "Request approved", flash[:notice]
|
||||
assert_equal "in_progress", impersonator_session.reload.status
|
||||
assert_redirected_to root_path
|
||||
end
|
||||
|
||||
test "regular user can reject an impersonation session" do
|
||||
sign_in regular_user = users(:family_member)
|
||||
|
||||
impersonator_session = impersonation_sessions(:in_progress)
|
||||
|
||||
put reject_impersonation_session_path(impersonator_session)
|
||||
|
||||
assert_equal "Request rejected", flash[:notice]
|
||||
assert_equal "rejected", impersonator_session.reload.status
|
||||
assert_redirected_to root_path
|
||||
end
|
||||
end
|
||||
Loading…
Add table
Add a link
Reference in a new issue